Linux basic permissions: ubuntu / debian with chmod

Permissions are one of the most important aspects of Linux (actually, of all Unix-based systems). These are used for various purposes, but mainly serve to protect the system and the files of the users and therefore the CHMOD command allows us to modify any permission.

Index of contents

We recommend reading about our guides:

• Debian vs Ubuntu. Best applications for correct email in linux. Linux package manager: PACMAN, YUM, APT. Better linux distributions. Create a Bootable USB from Ubuntu 16.10.

Basic permissions on Linux, Ubuntu, Debian with CHMOD

Manipulating permissions is an interesting but complex activity at the same time. But such complexity should not be interpreted as a difficulty, but as a possibility to deal with a wide variety of configurations, which allows creating various types of protection for files and directories.

As you probably already know, only the super-user (root) has unlimited actions in the system, precisely because it is the user responsible for the configuration, administration and maintenance of Linux. It is up to this, for example, to determine what each user can execute, create, modify, etc.

Of course, the way used to specify what each system user can do is determining permissions. Thus, in this article you will see how to set file and directory permissions, as well as modify them.

Description of permissions

• drwx ——- rw-rw-r–

The lines above represent the output of a written command (ls -l) to list a directory and its permissions. The two elements that appear (“drwx——” and “-rw-rw-r–”) is the way used to display the permissions of the directories and files. It is this element, which is called a chain, that we are going to study.

An interesting point to mention is that Linux treats all directories as files, so permissions apply equally to both. These permissions can be divided into four parts to indicate: type, owner, group and other permissions.

The first character of the string indicates the type of file: if it is “d” it represents a directory, if it is “-” it is equivalent to a file. However, other characters may appear to indicate other types of files, as shown in the following table:

• d: directory b: block file c: special character file p: channel s: socket -: normal file

Now notice that there are still 9 characters in the rest of the string. You know what the first one means. The others are divided into three groups of three, each representing the owner, the group, and all others, respectively. Taking line 2 of the example (-rw-rw-r–), leaving aside the first character and dividing the remaining string into 3 parts, it would look like this:

• rw-: the first part means owner permissions. rw-: the second part means the permissions of the group to which the user belongs. r–: the third part means the permissions to the other users.

Let's understand what these characters mean (r, w, x, -). There are basically three types of permissions: read, write, and execute.

Reading allows the user to read the content of the file but not change it. Writing allows the user to modify the file. Execution, as the name implies, allows the user to execute the file, if it is executable.

But it happens that the permissions do not work in isolation, that is, so that the user has read or write or execute permission. The permissions work together. This means that each file / directory has the three established permissions, it is up to the owner to determine which of these permissions is enabled for users or not.

It may be that a certain number of users have permission to modify a file, but others do not, for example. Hence the need to use groups. In this case, the write permission of this file will be given to the group, so every member user can change the file. Please note that some caution is required with permissions. For example, the one that reports that the user has write permission if they do not have read permission enabled .

Now that we know the meaning of the divisions of the string, let's understand what the letters r, w, x, and the character - represent:

• r: means read permission w: means write permission x: means execution permission - means disabled permission.

The order in which the permissions should appear is rwx. Thus, we will understand the chain of our example by dividing it into 4 parts:

Line 1:

• drwx ——– is a directory (d) - the owner can read, modify and execute it (rwx) - the group cannot read, modify or execute it (-) - the other users cannot read, modify or execute it (-).

Line 2:

• -rw-rw-r–– is a file (-) - the owner can read and modify it but not execute it. Note that this file is not executable, the execute permission appears disabled (rw -) - the group has identical permissions to the owner (rw -) - the other users only have permission to read the file, but cannot modify or execute it (r–).

The following table shows the most common permissions:

• - - -: no permission–: read-permission r-x: read and execute r-: read and write rwx: read, write and execute

Setting permissions with chmod

In the previous topics, you have acquired at least a notion of what permissions are and their importance in Linux. The time has come to learn how to configure permissions, and this is done through the chmod (change mode) command. An interesting detail of this command is that you can configure permissions in two ways: symbolically and numerically. We will first look at the symbolic method.

To get a clearer view of the symbolic form with chmod, imagine that such symbols are in two lists, and the combination of them generates the permission:

List 1

u: user

g: group

O (capital letter 'o'): other

to all

List 2

r: reading

w: writing

x: execution

In order to combine the symbols of these two lists, the operators are used:

+ (plus sign): add permission

- (minus sign): remove permission

= (equal sign): permission setting

To show how this join is done, let's assume that you want to add write permission to the test.txt file for a user. The order entered is:

chmod u + w test.txt

The “u” indicates that the permission is given to a user, the plus sign (+) indicates that a permission is added and “w” indicates that the permission that is given is write.

In case you want to give your group read and write permissions, the command will be:

chmod g + rw test.txt

Now, let's assume that the file test.txt should have all the permissions available for the group. We can then use:

chmod g = rwx test.txt

Tip: create files and directories. Next, try combining permissions with chmod. This will help you a lot in understanding this resource.

Using chmod with the numerical method

Using chmod with numeric values ​​is quite a practical task. Instead of using letters as symbols for each permission, numbers are used. If a permission is enabled, it is assigned a value of 1, otherwise, a value of 0 is assigned.

WE RECOMMEND YOU The best office applications for Ubuntu

Thus, the permission string r-xr—– in numerical form would be 101100000. This combination of 1 and 0 is a binary number. But we still have to add the decimal form (that is, the numbers from 0 to 9). For this, keep in mind the following table:

Excuse me	Binary	Decimal
- - -	000
- -x	001	one
-w-	010	two
-wx	011	3
r–	100	4
rx	101	5
rw-	110	6
rwx	111	7

If you don't know the binary system, you must be wondering what this table of 0 and 1 has to do with the numbers from 0 to 7. Since the binary system only works with the numbers 0 and 1 (the decimal works with the numbers of 0 to 9, that is, it is the numbering system that we use in our daily life), it takes a sequence to represent the values. Thus, in the previous table, the “Binary” column shows what the binary values ​​of the numbers from 0 to 7 look like in the decimal system.

It was time then to relate the explanation of the previous paragraph with the column “Permission”. To exemplify it, we are going to use the permission rw-, whose binary value is 110, which in turn, in decimal corresponds to the number 6. So, instead of using rw- or 110 to create the permission, we simply use the number 6. Note that with the numerical method, we use only one digit to represent one permission, instead of three. Thus, the permission chain r – r – r– can be represented by 444, since r– in decimal is equal to 4. Look at the following example:

chmod 600 notes.txt

In this way, the permissions rw ——- are being given to the notes.txt file, since 6 is equivalent to rw- and 0 is equivalent to -. Since zero appears twice, the value of 600 is then formed.

Other examples:

chmod 755 test.txt

Assign read, write and execute permissions for the owner of the file (7), read and execute for the users of the same group (5), and also for other users (5).

chmod 640 test.txt

Assign read and write permissions (6) for the owner, read-only for users in the same group (4), and no permissions for other users (0).

Start the above command with a test file, and then type ls -l notes.txt to see what appears (notes.txt should be replaced by the file you are using). The following table shows a list of the most used configurations:

- - - - - - - - -	000
r ——–	400
r — r – r–	444
rw——	600
rw-r – r–	644
rw-rw-rw-	666
rwx——	700
rwxr-x—	750
rwxr-xr-x	755
rwxrwxrwx	777

The last three permissions in the table are commonly used for programs and directories.

Last details

As you have seen, it is much more practical to use chmod with the numerical method. But you may have been confused with this whole permission scheme.

The thing is, on Unix-based systems, permissions are one of the most complex aspects out there. Such complexity is equivalent to the efficiency of the use of permits. So the best way to understand permissions is by training. Practice, create permissions and see the results.